OK, good info. Tell me some more about the setup:
- is the DNS server on teh same network as the polling engine or not?
- Are you using a domain account, local (to the DNS server) account, or something else?
- does the account have local-admin permissions
- do you block WMI, either on the network or at the server level through GPO?
- can you add other servers as WMI nodes, or is this your first attempt?

0

George MartinezNetwork Administrator Author Commented: 2016-10-13

-yes its on the same network
- yes ive tried to use our domain admin account and my account im also a domain admin
- yes
-i dont think we block wmi on the network maybe on the server how can i find out
- yes we have successfully added several servers with wmi and using the same admin account
i also tried to use the tool in that article on both the dns server and the solarWinds server on the dns i used the solarwinds ip as the target and i was able to communicate. But on the solarwinds server using the dns ip as the target i wasn't able to connect

So that tells me that the DNS server is blocking some aspect of incoming WMI requests. If your DNS server is also a domain controller, that could be part of the issue. Domain controllers are often more restricted than regular (non-AD) servers.

One thing to try AS A TEST is to turn off windows firewall on the DNS box. Don't do that for any significant length of time (and I'm assuming there's no chance of external connections to this box. If there is, FORGET THIS TEST).

If turning off firewall is NOT the problem, then you should
1) weep pitiably because the next step is annoying and painful
2) install wireshark on the polling engine
3) turn on wireshark and capture packets between the poller and the DNS server
4) try to do a test connection
5) stop the wireshark capture and analyze
6) drink heavily

The sad truth is that wireshark WILL tell you what's wrong. The equally sad truth is that unless you love wireshark, it's going to take a whole lot of effort to understand what it's telling you.

Let me know if this helps.
- Leon

0

George MartinezNetwork Administrator Author Commented: 2016-10-13

yes your right this box is also working as a domain controller. With that information should i still attempt all the other steps you asked me to do?

Well, you may want to check with the server admin team to see if they've locked down domain admin (which *is* local admin on AD boxes) for the DNS box specifically. Otherwise, yeah you still need to know what exactly is being blocked.

Anothre thought is to open a ticket for "Orion Framework" rjather than IPAM. Because this issue is not really related to IPAM as much as it's just pure connectivity. I know that SOME of our support team troubleshoot this issue all the time.

Yes. that means the RPC service is either stopped, locked down, or something. RPC - remote procedure call - was a vector for hacking and viruses about a decade ago. Here's just ONE page (out of many) offering some thoughts on troubleshooting.